CVE-2026-4931 | THREATINT

Description

Smart contract Marginal v1 performs unsafe downcast, allowing attackers to settle a large debt position for a negligible asset cost.

PUBLISHED Reserved 2026-03-26 | Published 2026-04-07 | Updated 2026-04-08 | Assigner certcc

Problem types

CWE-681 Incorrect Conversion between Numeric Types

Product status

1

affected

References

cvefeed.io/...681-incorrect-conversion-between-numeric-types

scs.owasp.org/SCWE/SCSVS-CODE/SCWE-041/

marginal.gitbook.io/docs

github.com/MarginalProtocol

medium.com/...nerability-using-verifiably-false-0a27b92ac2db

cve.org (CVE-2026-4931)

nvd.nist.gov (CVE-2026-4931)

Download JSON

help @ threatint.eu